Properly offboarding an employee is serious business. Around 70% of intellectual property theft occurs within 90 days of an employee’s resignation. That means for three months prior to an employee giving notice, there are serious security risks to your business and data. Whether you suspect an employee may be ready to give their notice, or you just want to prepare for the unexpected, we are sharing a few helpful tips to better secure your data when offboarding an employee.
Let’s first discuss what potential risks your company may be vulnerable to when an employee is considering resignation. The main risk is data loss through vandalism, meaning deleting files, changing data, or anything that could cause a headache for your team upon the employee’s departure. Another huge risk is having your intellectual property stolen and given to a new company. There may also be the risk of your employee stealing property and selling it. Disgruntled employees are more likely to steal sensitive information for retribution or monetary gains. This is why a formal offboarding process is so crucial in preventing these data security risks.
Examples of Sensitive Information
There are many security risks that can leave your company vulnerable. Here are just a few examples:
- Passwords: internal accounts, software programs, social media accounts, etc.
- Intellectual property
- Customer lists and data
- Internal pricing structures
- Emails or personally identifiable information
So how can a business owner better prepare? Here are a few helpful tips:
Create and Follow a Checklist
When an employee resigns or is terminated, it can often feel overwhelming. You want to be sure to plan ahead of time so that no details are overlooked. An Employee Offboarding Checklist is the answer! Each business is different, so your checklist should be tailored specifically to your company. The checklist should address information that’s sensitive to your business. The moment an employee announces their exit, proper steps need to be followed immediately. Some examples of what to include on your checklist are disabling their accounts, changing passwords on any shared accounts and revoking access to email privileges. Be sure to review your business’ data security policies with the employee so they know the information they are allowed to take with them, and which types of data would be illegal to take. Always conduct an exit interview, as well.
Notify Your Team
The first call you should make is to your IT department or company. They need to be monitoring unusual or suspect activity on the employee’s devices. The IT company should also start properly offboarding the employee by removing access to devices, changing passwords, etc. You will also want to notify the other employees in the office when someone is terminated or hands in their resignation, so the employee does not approach other team members for access to sensitive information.
Inventory All Data
Run through all data that should be collected from the employee. You will want to ensure you collect all company property, like laptops, USB storage devices, key cards, etc. It’s important to always take inventory of all devices that employees have access to, so you know what to properly collect upon a team member’s exit.
Now that you understand the security risks of an employee’s resignation, be sure to prepare and establish an offboarding process, so you can immediately jump into action.